Commit Graph

46391 Commits

Author SHA1 Message Date
Stephan Herhut
c04e9e0cd8 [wasm] Do not mark JS heap writable during compilation
Now that wasm code lives in its own native heap, we no longer need to
switch protection for the js code space. Hence, remove a left-over
CodeSpaceMemoryModificationScope.

Change-Id: I80830bc4b0eee672c9e5c7ba0088ffcbc5b2da57
Bug: v8:7549
Reviewed-on: https://chromium-review.googlesource.com/960002
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51899}
2018-03-13 10:54:03 +00:00
Georg Neis
7e45e961b2 [parsing,interpreter] Use StoreInArrayLiteral IC for array rest pattern.
This removes the last use of %AppendElement (and the function itself),
which was in the pattern rewriter's code for destructuring assignment
with an array rest pattern. In its place, it introduces a
StoreInArrayLiteral AST node that corresponds to the StoreInArrayLiteral
bytecode (which in turn corresponds to the StoreInArrayLiteral IC).

Change-Id: I1d212407b025cf0919263d119f6f47c88bd9a71e
Reviewed-on: https://chromium-review.googlesource.com/955307
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51898}
2018-03-13 10:36:23 +00:00
sreten.kovacevic
1542ace44e [Liftoff][mips] Implement stack instructions for MIPS in Liftoff
Implement instructions for stack operations.
Also, fix some issues that came up after implementing them.

Bug: v8:6600
Change-Id: I83dfe621b123081f9ae4d234605358c9ce81420f
Reviewed-on: https://chromium-review.googlesource.com/956072
Commit-Queue: Sreten Kovacevic <sreten.kovacevic@mips.com>
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51897}
2018-03-13 10:19:03 +00:00
Michael Achenbach
73f049e445 Revert "[in-place weak refs] Use WeakArray in Script::shared_function_infos."
This reverts commit bf9ab7294d.

Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/22169

Original change's description:
> [in-place weak refs] Use WeakArray in Script::shared_function_infos.
> 
> For serializer changes, see goo.gl/Kh2eop
> 
> BUG=v8:7308
> 
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
> Change-Id: I2b790413a4c0d8c8cc0c07ba7b901c965d64eb11
> Reviewed-on: https://chromium-review.googlesource.com/955593
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51895}

TBR=ulan@chromium.org,marja@chromium.org,yangguo@chromium.org,hpayer@chromium.org

Change-Id: Ib9552d5c2c284ff27463e61a054c60cc20f2f8cc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7308
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/960121
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51896}
2018-03-13 10:13:54 +00:00
Marja Hölttä
bf9ab7294d [in-place weak refs] Use WeakArray in Script::shared_function_infos.
For serializer changes, see goo.gl/Kh2eop

BUG=v8:7308

Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2b790413a4c0d8c8cc0c07ba7b901c965d64eb11
Reviewed-on: https://chromium-review.googlesource.com/955593
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51895}
2018-03-13 09:22:30 +00:00
Michael Starzinger
0e76b658fd [snapshot] Remove dead {WasmCompiledModuleSerializer} class.
R=jgruber@chromium.org
BUG=v8:7549

Change-Id: I76c123018ff1ff63ed753e6aff22fe9d12ba2696
Reviewed-on: https://chromium-review.googlesource.com/959063
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51894}
2018-03-13 09:11:50 +00:00
Benedikt Meurer
631629ad54 [es2015] Properly deal with fast-path results from IterableToList.
The IterableToList helper builtin can return the input JSArray unchanged
if the fast-path detection decides that it doesn't need to iterate the
elements, which means we can also get a JSArray with an elements kind
that is not PACKED_ELEMENTS as a result of IterableToList.

Bug: chromium:821159, v8:7310
Change-Id: I93a886e6b7f1e1a58dd05affa46fea7501cc5a81
Reviewed-on: https://chromium-review.googlesource.com/959323
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51893}
2018-03-13 07:23:57 +00:00
Benedikt Meurer
022e1a5f94 [turbofan] Properly deal with killed nodes in LoadElimination.
Depending on visitation order the LoadElimination might be find memoized
nodes in its state tables that were killed by other reducers in the mean
time. The LoadElimination must just ignore those stale entries.

Bug: chromium:820820
Change-Id: Ia62e401ff77da547ed215a14074e70aeb5c3a766
Reviewed-on: https://chromium-review.googlesource.com/958843
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51892}
2018-03-13 06:27:13 +00:00
v8-autoroll
ce14aec18a Update V8 DEPS.
Rolling v8/build: 8e843a9..cd1fe2b

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1537dce..548a5bc

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I31dc66348080158c2f7b118ef29850ec621bbc31
Reviewed-on: https://chromium-review.googlesource.com/959801
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51891}
2018-03-13 03:53:17 +00:00
Eric Holk
e4402ed0bc Ensure ArrayBuffers are not neutered twice
Bug: chromium:813876
Change-Id: I71c571e4185eff3a7386141a408dcb820a70ff95
Reviewed-on: https://chromium-review.googlesource.com/933594
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51890}
2018-03-12 22:55:59 +00:00
Michael Starzinger
575f7423c1 [wasm] Remove unused {WasmCompiledModule::code_table} field.
R=clemensh@chromium.org
BUG=v8:7549

Change-Id: I90bd4cf8ed31f46d475cd46de868e483c84c6aba
Reviewed-on: https://chromium-review.googlesource.com/959013
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51889}
2018-03-12 18:42:12 +00:00
Michael Starzinger
b68db45b25 [objects] Remove unused {Code::protected_instructions} field.
R=clemensh@chromium.org
BUG=v8:7549

Change-Id: I6c888fb2610ef76d488e17576773f47a7358d0d9
Reviewed-on: https://chromium-review.googlesource.com/957729
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51888}
2018-03-12 17:40:22 +00:00
Michael Starzinger
7e2000118c [wasm] Remove deprecated WASM_CONTEXT_TABLES macro.
R=clemensh@chromium.org
BUG=v8:7549

Change-Id: I57d5065490703e0106a87bbb6855e750ee5ca34a
Reviewed-on: https://chromium-review.googlesource.com/959002
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51887}
2018-03-12 16:47:47 +00:00
Andreas Haas
825d017568 [intl] Store the collator as a Managed
The lifetime of the collator is handled by the JavaScript heap. At the
moment this is implemented with a weak GlobalHandle. With this CL I
change the implementation to use a Managed object instead. In addition I
did some code cleanup.

The main reason for using a Managed is an lsan problem. The final GC in
d8 is triggered before all pending WebAssembly compilations get
canceled. Via the native context, WebAssembly compilation can keep the
Collator wrapper alive, and therefore the collator is never deallocated.
Managed, however, get processed at isolate teardown, independent of the
reachability of the Managed.

TEST=mjsunit/regress/regress-813440

Bug: chromium:813440
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie727eb1aff2144586eb36426cc44a32357c0f822
Reviewed-on: https://chromium-review.googlesource.com/956069
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51886}
2018-03-12 16:46:42 +00:00
Andreas Haas
5413c2002a [heap] Fix typo: the flag is called '--track-retaining-path'
R=ulan@chromium.org

Change-Id: Ib35e3556f11b1c7beb6aa908ac72d0a1bd9d8639
Reviewed-on: https://chromium-review.googlesource.com/958923
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51885}
2018-03-12 16:06:22 +00:00
Hannes Payer
f7aa8ea00b [heap] Turn on --write-protect-code-memory.
Bug: chromium:774108
Change-Id: I04546edfbc20e92757bd6da0505868f357f8d40d
Reviewed-on: https://chromium-review.googlesource.com/959005
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51884}
2018-03-12 14:50:52 +00:00
Michael Starzinger
0fc6c35c3a [wasm] Remove deprecated --wasm-jit-to-native flag.
The feature in question has been enabled by default for a while and we
no longer need to maintain a configuration without it enabled. Note that
this change only removes the mechanical pieces. Further cleanup enabled
by this will be done as follow-ups.

R=clemensh@chromium.org
BUG=v8:7549

Change-Id: I90e5bcddabe74a18a4d2a88132e8dc93317bcff4
Reviewed-on: https://chromium-review.googlesource.com/958424
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51883}
2018-03-12 14:36:32 +00:00
Andreas Haas
388579bdca [heap] Do not schedule MemoryReducer tasks when heap->use_tasks() is false
Bug: chromium:810739
Change-Id: I7658e01394b03ade1acedb37b1e56004dc7660fb
Reviewed-on: https://chromium-review.googlesource.com/959004
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51882}
2018-03-12 14:20:52 +00:00
Camillo Bruni
6d1ce93558 [printing] Improve ScopeInfo printing
Bug: v8:7066
Change-Id: I5aa7e976eee6b197586a656ee2e38b9d429ec07b
Reviewed-on: https://chromium-review.googlesource.com/955587
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51881}
2018-03-12 14:17:12 +00:00
Hannes Payer
f1cf0733cd [heap] Unprotect huge free list nodes for code allocation.
Bug: chromium:774108
Change-Id: I640a4f0f17244ee77fa5480ec9faa773310b9caf
Reviewed-on: https://chromium-review.googlesource.com/958907
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51880}
2018-03-12 14:13:52 +00:00
Camillo Bruni
b089749143 [tools] Fix grokdump.py D/CHECK error message extraction
Change-Id: I5ee7de89a262fce7db25a970a3c56c25eb6f6803
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/958924
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51879}
2018-03-12 13:36:01 +00:00
Jaroslav Sevcik
cdcc39e7f9 Stage --branch-load-poisoning behind --future.
This is to increase test coverage (ClusterFuzz and such).

Bug: chromium:798964
Change-Id: I4923fb62b52b79636bfc24b76f9642135335c96c
Reviewed-on: https://chromium-review.googlesource.com/958463
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51878}
2018-03-12 12:24:01 +00:00
Sigurd Schneider
da08dfc31c [turbofan] Remove simplified operator StringCharAt
This CL now uses StringCharCodeAt + StringFromCharCode to replace
StringCharAt. Optimizations are easier to implement if we have both
operators; however, if this tanks performance a lot we have to revert.

R=bmeurer@chromium.org

Bug: v8:7531
Change-Id: I75590cc8b8db57715bc2de9f5b98d0878d62a394
Reviewed-on: https://chromium-review.googlesource.com/956134
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51877}
2018-03-12 11:49:26 +00:00
Marja Hölttä
b0dc290a9a [in-place weak refs] Add WeakFixedArray (an array of in-place weak references).
Not used yet apart from tests.

BUG=v8:7308

Change-Id: Ibbe12597007cba123236c9fab85c524df3d5dd4a
Reviewed-on: https://chromium-review.googlesource.com/955427
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51876}
2018-03-12 11:48:21 +00:00
Michael Achenbach
8f1cdc722b Revert "[heap] Turn on --write-protect-code-memory."
This reverts commit 73408095be.

Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/21075
https://build.chromium.org/p/client.v8/builders/V8%20Win32/builds/12955

Original change's description:
> [heap] Turn on --write-protect-code-memory.
> 
> Bug: chromium:774108
> Change-Id: I8001013d1ee75d0847fd6a804c9e37774d900992
> Reviewed-on: https://chromium-review.googlesource.com/957088
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51873}

TBR=hpayer@chromium.org,ahaas@chromium.org

Change-Id: I52bd5085b9778f85687925e8fcb9c2a4b9c5934c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:774108
Reviewed-on: https://chromium-review.googlesource.com/958862
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51875}
2018-03-12 11:14:32 +00:00
Jaroslav Sevcik
a5ea611b32 [turbofan] Turn off array masking if branch-load poisoning is on.
Bug: chromium:798964
Change-Id: Ia2f0ade9e69aeb4eb0497ff91abb7ffa1d02e03f
Reviewed-on: https://chromium-review.googlesource.com/958515
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51874}
2018-03-12 10:39:32 +00:00
Hannes Payer
73408095be [heap] Turn on --write-protect-code-memory.
Bug: chromium:774108
Change-Id: I8001013d1ee75d0847fd6a804c9e37774d900992
Reviewed-on: https://chromium-review.googlesource.com/957088
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51873}
2018-03-12 10:30:51 +00:00
Clemens Hammacher
643ae16f64 [Liftoff] Implement float promotion and demotion
Add support for f32.demote/f64 and f64.promote/f32.
Both are straight forward to implement on ia32 and x64.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I75213ddf5f422d0aa1d5d9a3bbc90ac32f6950f5
Reviewed-on: https://chromium-review.googlesource.com/955849
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51872}
2018-03-12 10:09:12 +00:00
Benedikt Meurer
f269570290 [cleanup] Drop spread.js for good.
Use IteratorToList to implement CallWithSpread and ConstructWithSpread
instead.

Bug: v8:7310
Change-Id: Ic1c44cc97914fa4fb92da8c568ac66f3ae78e520
Reviewed-on: https://chromium-review.googlesource.com/956073
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51871}
2018-03-12 09:44:11 +00:00
Sigurd Schneider
1adc4a66e8 [turbofan] Remove runtime call from String.fromCharCode
The single argument version of String.fromCharCode had an unneccessary
runtime call in it; this CL removes it.

Bug: v8:7531
Change-Id: Ieeb7d8aaffb0eabf814a52c51eaff50cb57d87c9
Reviewed-on: https://chromium-review.googlesource.com/955646
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51870}
2018-03-12 09:39:31 +00:00
Sigurd Schneider
53c8152bfb Move function definition into right #ifdef range
Bug: v8:6666
Change-Id: I23be9d77e7216932bd81cc75e2d5872ce0248c3c
Reviewed-on: https://chromium-review.googlesource.com/958514
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51869}
2018-03-12 09:25:31 +00:00
Yang Guo
14a41cbb95 Skip failing debug test on x64 msvc.
TBR=machenbach@chromium.org
NOTRY=true

Bug: v8:178
Change-Id: Id13721946dc0dd2f4154dda516a79d5599b26c56
Reviewed-on: https://chromium-review.googlesource.com/958513
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51868}
2018-03-12 07:38:30 +00:00
Yang Guo
d81b7aa054 [debug] materialize arguments and receiver for break-at-entry condition.
R=clemensh@chromium.org, jgruber@chromium.org

Bug: v8:178
Change-Id: I6f180c5539935cd91cfbbb777d5900a55c681b1f
Reviewed-on: https://chromium-review.googlesource.com/957094
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51867}
2018-03-12 07:10:20 +00:00
Yang Guo
e58bc018ff Reland "Skip Execution::Call in CompileFunctionInContext."
This is a reland of ce8f514138

Original change's description:
> Skip Execution::Call in CompileFunctionInContext.
> 
> We execute the top-level function only to get to the wrapped function.
> We could do the same by simply instantiating it.
> 
> Other approaches would change the parser so that the top-level function
> is the wrapped function. However, that change violates existing scoping
> invariants and fixing it would add a lot more complexity to the parser.
> 
> R=adamk@chromium.org, marja@chromium.org
> 
> Bug: v8:7172
> Change-Id: I7272b8b58fc739d47a44da3a9d4a914af3e8cf3d
> Reviewed-on: https://chromium-review.googlesource.com/836367
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50333}

Bug: v8:7172
Change-Id: Ie0e4b3db46f84a30cff8613c89eb11534ce3c1ac
Reviewed-on: https://chromium-review.googlesource.com/956146
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51866}
2018-03-12 07:00:10 +00:00
v8-autoroll
923a7ad358 Update V8 DEPS.
Rolling v8/tools/clang: b6fe934..0a9737b

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I85267bc7ecb1fc6cb53cfd761f414147b3d47d73
Reviewed-on: https://chromium-review.googlesource.com/958684
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51865}
2018-03-12 03:56:30 +00:00
Clemens Hammacher
d1464debea [Liftoff] Implement i32/i64 to f64 conversions
After the refactoring for supporting f32 conversions, adding f64
conversions is straight forward.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I8f76fbef3f1e67ecdb02dd1d103868f2d1d3226f
Reviewed-on: https://chromium-review.googlesource.com/957026
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51864}
2018-03-11 18:04:49 +00:00
Tobias Tebbi
94bbb8bb09 [turbofan] escape analysis: no longer remove TypeGuard nodes
The analysis phase used to skip TypeGuard nodes, which are
normally re-introduced by the reduction phase. However, phi nodes
are created during the analysis phase already, and so it could happen
that a phi input skips a TypeGuard.

This CL solves the problem by not removing TypeGuard nodes in the first
place, but only forwarding the VirtualObject. This is analogous to how
we already treat FinishRegion nodes, which are similar in that they are
a renaming too.

Bug: chromium:741225
Change-Id: Icf8aa2d40a30d89788d875b37b9986111f9c966f
Reviewed-on: https://chromium-review.googlesource.com/958442
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51863}
2018-03-10 19:59:48 +00:00
Michael Achenbach
b8128279a3 Revert "[esnext] re-implement template strings"
This reverts commit 8ae19e08b1.

Reason for revert:
Speculative revert for layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/22215

See:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original change's description:
> [esnext] re-implement template strings
> 
> - Add a new bytecode for the ToString operation, replacing the old
> intrinsic call (currently does not collect type feedback).
> - Add a new AST node to represent TemplateLiterals, and avoid
> generating unnecessary ToString operations in some simple cases.
> - Use a single feedback slot for each string addition, because the
> type feedback should always be the same for each addition
> 
> This seems to produce a very slight improvement on JSTests benchmarks
> and bench-ruben.js from v8:7415, and it's possible that type feedback
> for the ToString bytecode could provide more opportunities to eliminate
> the runtime call in TurboFan.
> 
> Doesn't touch tagged templates
> 
> BUG=v8:7415
> R=​rmcilroy@chromium.org, ishell@chromium.org, bmeurer@chromium.org
> 
> Change-Id: If5a8c68558431f058db894d65776324abf54218e
> Reviewed-on: https://chromium-review.googlesource.com/945408
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Caitlin Potter <caitp@igalia.com>
> Cr-Commit-Position: refs/heads/master@{#51853}

TBR=rmcilroy@chromium.org,caitp@igalia.com,ishell@chromium.org,bmeurer@chromium.org

Change-Id: Id0529b065493ffc20c8f2b1abacc4c1484c3c046
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7415
Reviewed-on: https://chromium-review.googlesource.com/958163
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51862}
2018-03-10 16:45:30 +00:00
Michael Achenbach
89204e90bb Revert "[esnext] fix OOB read in ASTPrinter::VisistTemplateLiteral"
This reverts commit 0802e2b262.

Reason for revert: For reverting https://crrev.com/c/945408

Original change's description:
> [esnext] fix OOB read in ASTPrinter::VisistTemplateLiteral
> 
> Fixes an error where TemplateLiteral printing in --print-ast
> would try to read an element beyond the length of a vector.
> 
> BUG=v8:7415, chromium:820596
> R=​adamk@chromium.org, gsathya@chromium.org
> 
> Change-Id: Idf9e0da8c165ee62bc1a348a91c2ed5ed798404a
> Reviewed-on: https://chromium-review.googlesource.com/957883
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Caitlin Potter <caitp@igalia.com>
> Cr-Commit-Position: refs/heads/master@{#51857}

TBR=adamk@chromium.org,gsathya@chromium.org,caitp@igalia.com

Change-Id: I5fe950cd823ae350b5f6c09227a62aef9dc2a008
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7415, chromium:820596
Reviewed-on: https://chromium-review.googlesource.com/957724
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51861}
2018-03-10 16:44:20 +00:00
v8-autoroll
4cb681e7d1 Update V8 DEPS.
Rolling v8/build: d8b353b..8e843a9

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/df668c3..1537dce

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I7f9c08d17ba2fb7b03547eb01a7a875194c2b94d
Reviewed-on: https://chromium-review.googlesource.com/958202
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51860}
2018-03-10 04:51:00 +00:00
Jakob Kummerow
0c0847bea4 [bigint] Fix Object::VerifyApiCallResultType
Add BigInt to the list of allowed result types.

Bug: v8:6791, chromium:819871
Change-Id: Ib636859da07b38c462ce7017d720e5370ba618d6
Reviewed-on: https://chromium-review.googlesource.com/957422
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51859}
2018-03-10 02:47:20 +00:00
Sergiy Byelozyorov
deb150dba7 Whitespace CL
TBR=sergiyb@chromium.org

Bug: chromium:819555
Change-Id: I70e05a4b7fa917f3da22c9cf98ccd175f7b6a3ec
Reviewed-on: https://chromium-review.googlesource.com/957723
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51858}
2018-03-10 01:32:50 +00:00
Caitlin Potter
0802e2b262 [esnext] fix OOB read in ASTPrinter::VisistTemplateLiteral
Fixes an error where TemplateLiteral printing in --print-ast
would try to read an element beyond the length of a vector.

BUG=v8:7415, chromium:820596
R=adamk@chromium.org, gsathya@chromium.org

Change-Id: Idf9e0da8c165ee62bc1a348a91c2ed5ed798404a
Reviewed-on: https://chromium-review.googlesource.com/957883
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#51857}
2018-03-10 01:13:50 +00:00
Sergiy Byelozyorov
a0406ca909 Whitespace CL
TBR=sergiyb@chromium.org

No-Try: true
No-Presubmit: true
Bug: chromium:793687
Change-Id: Iaa076a1dbbf2494e05763c71903ef569c76de519
Reviewed-on: https://chromium-review.googlesource.com/955858
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51856}
2018-03-09 21:49:41 +00:00
Erik Luo
bf505e6065 [inspector] support BigInt in inspector
- Label as "bigint" in DevTools heap snapshot viewer
- Treat as new primitive in injected-script-source
- Show primitive value as property for BigIntObject
- Adds the "n" suffix onto description, both with/without inspector
  being present

Bug: v8:7486
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I47a02e32f9bdd9124a6c91056965574ecd443867
Reviewed-on: https://chromium-review.googlesource.com/940804
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51855}
2018-03-09 21:28:00 +00:00
Sergiy Byelozyorov
87956c74cd [tools] Add pypiwin32 pacakge to VPython config
TBR=machenbach@chromium.org

No-Try: true
Bug: chromium:813065
Change-Id: Ic502079f66432aefe33a765d212389b4ab191c1d
Reviewed-on: https://chromium-review.googlesource.com/955652
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51854}
2018-03-09 20:33:36 +00:00
Caitlin Potter
8ae19e08b1 [esnext] re-implement template strings
- Add a new bytecode for the ToString operation, replacing the old
intrinsic call (currently does not collect type feedback).
- Add a new AST node to represent TemplateLiterals, and avoid
generating unnecessary ToString operations in some simple cases.
- Use a single feedback slot for each string addition, because the
type feedback should always be the same for each addition

This seems to produce a very slight improvement on JSTests benchmarks
and bench-ruben.js from v8:7415, and it's possible that type feedback
for the ToString bytecode could provide more opportunities to eliminate
the runtime call in TurboFan.

Doesn't touch tagged templates

BUG=v8:7415
R=rmcilroy@chromium.org, ishell@chromium.org, bmeurer@chromium.org

Change-Id: If5a8c68558431f058db894d65776324abf54218e
Reviewed-on: https://chromium-review.googlesource.com/945408
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#51853}
2018-03-09 18:14:07 +00:00
jgruber
198148baa7 Skip test-debug/BreakPoint{JS,}Builtin
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fclient.v8.ports%2FV8_Linux_-_mipsel_-_sim%2F9763%2F%2B%2Frecipes%2Fsteps%2FCheck%2F0%2Flogs%2FBreakPointJSBuiltin%2F0
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fclient.v8%2FV8_Linux64_-_debug_-_fyi%2F1461%2F%2B%2Frecipes%2Fsteps%2FCheck_-_stress_off_heap_code%2F0%2Flogs%2FBreakPointBuiltin%2F0

TBR=yangguo@chromium.org

Bug: v8:7543
Change-Id: I137372b3330102fbd24f356d365206ce785eca83
Reviewed-on: https://chromium-review.googlesource.com/956048
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51852}
2018-03-09 17:26:36 +00:00
Sergiy Byelozyorov
988eb1e97b Whitespace CL
TBR=sergiyb@chromium.org

No-Try: true
No-Presubmit: true
Bug: chromium:820458
Change-Id: I962cdb57a89b1b852e92919812fcf67c7e38e3ed
Reviewed-on: https://chromium-review.googlesource.com/955853
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51851}
2018-03-09 16:57:08 +00:00
jgruber
3b99189b5d Add external references macro list
The macro list avoids duplication in external-reference-table and will
allow us to statically determine the size of the table in a follow-up.

TBR=mlippautz@chromium.org

Bug: v8:6666
Change-Id: I06bb2e8c25970b3c1047dafd6c63d7ca291fe37e
Reviewed-on: https://chromium-review.googlesource.com/956187
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51850}
2018-03-09 16:43:06 +00:00